Service providers receive authentication attempts from users wishing to gain access to sensitive information such as bank account data. Some users attempt to gain access to such information with credentials obtained fraudulently from a legitimate account holder.
Conventional authentication employs multiple factors. For example, in addition to the usual username/password combination, conventional authentication requires additional user input such as a response to a challenge. One type of challenge relates to personal questions that only the legitimate user should be able to answer correctly; another type of challenge is biometric in nature.
One example of a biometric challenge requires the user to repeat a randomly selected phrase into a microphone. Conventional authentication compares the voice signature of the spoken phrase to a voice signature corresponding to the legitimate user.